From 62d75a196a199e3b23ad55b60b53a59e1db915a1 Mon Sep 17 00:00:00 2001
From: "mergify[bot]" <37929162+mergify[bot]@users.noreply.github.com>
Date: Wed, 1 Nov 2023 09:05:08 -0700
Subject: [PATCH] Switch PyPI publishing to use trusted publishers (backport
#1284) (#1308)
This is an automatic backport of pull request #1284 done by
[Mergify](https://mergify.com).
---
Mergify commands and options
More conditions and actions can be found in the
[documentation](https://docs.mergify.com/).
You can also trigger Mergify actions by commenting on this pull request:
- `@Mergifyio refresh` will re-evaluate the rules
- `@Mergifyio rebase` will rebase this PR on its base branch
- `@Mergifyio update` will merge the base branch into this PR
- `@Mergifyio backport ` will backport this PR on
`` branch
Additionally, on Mergify [dashboard](https://dashboard.mergify.com) you
can:
- look at your merge queues
- generate the Mergify configuration with the config editor.
Finally, you can contact us on https://mergify.com
Co-authored-by: Helena Zhang
---
.github/workflows/release.yml | 10 +++++-----
1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index ddd408f251..8c7a18ce1d 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -7,6 +7,9 @@ jobs:
wheel-build:
name: Build and Publish Release Artifacts
runs-on: ubuntu-latest
+ environment: release
+ permissions:
+ id-token: write
steps:
- uses: actions/checkout@v3
- uses: actions/setup-python@v4
@@ -14,7 +17,7 @@ jobs:
with:
python-version: '3.8'
- name: Install Deps
- run: pip install -U twine wheel
+ run: pip install -U wheel
- name: Build Artifacts
run: |
python setup.py sdist
@@ -24,7 +27,4 @@ jobs:
with:
path: ./dist/qiskit*
- name: Publish to PyPi
- env:
- TWINE_PASSWORD: ${{ secrets.TWINE_PASSWORD }}
- TWINE_USERNAME: qiskit
- run: twine upload dist/qiskit*
+ uses: pypa/gh-action-pypi-publish@release/v1